Most existing mobile terminals can be used, not only to make telephone calls, but also to execute a certain number of applications downloaded into a security module linked to the terminal. This security module may be a memory module of the terminal or a removable medium (for example, a subscriber chip card) inserted into the terminal.
The downloading of these applications is performed via a conventional connection between the mobile terminal and a management server.
Such an application comprises, on the one hand, a program part which is executed upon the receipt of an instruction to select the application from an external equipment item, for example a contactless terminal, and, on the other hand, an application data area.
These application data are generated by a service provider, for example, a bank for a payment application, and transmitted via a secure channel to a management server. Following the receipt of these data, the management server orders the downloading of these data into the security module, using a set of keys shared between it and this module.
During the life of the application, a portion of these data may be updated by the application itself.
There is no means for an equipment item such as a management server for recovering these modified data in order to transfer them to another security module or to back them up when updating the application.
Thus, upon a change of security module, for example a change of SIM card following a change of operator, the user must contact the management server managing the application which once again contacts the application's service provider to obtain the application data.
With the increase in the number of mobile terminals, changes of security module are more frequent, and this process becomes difficult to manage.
Furthermore, the downloaded application data are initial data and not data updated during the life of the application.
The company SICAP (registered trademark) proposes a product making it possible to update the configuration of a SIM (Subscriber Identity Module) card. This update consists, for a remote server, in reading the configuration data in a SIM card inserted into a mobile terminal then rewriting them into another SIM card. The duly transferred data are non-sensitive data, that is to say non-confidential data, and consequently data that are not read-protected. To read such data, the server transmits a read instruction conforming to Standard ISO 7816-4. This product does not make it possible to read confidential information and therefore does not make it possible to copy the confidential application data of an application installed on a SIM card.
Moreover, upon an update of the application, for example a change of version of the application program, the application data area is reinitialized with the data transmitted once again by the service provider linked to the application.
There is therefore a need to be able to securely recover an application's application and confidential data area in order to transfer it to another security module or to reinstall it upon an update of the application, without involving a service provider.